On Wed, Jul 21, 2010 at 09:58:50AM -0400, Todd C. Miller wrote:
> In message <20100721133934.GA23899 at foxbat.suse.cz>
> so spake Petr Uzel (petr.uzel):
>> > I'm curious: is it somehow possible to restrict some of the rules only
> > to users logged locally?
>> What would you consider a local user?
The same as who/lastlog commands.
> If the user is logged in on
> /dev/console or a virtual console tty this is easy to determine but
> that's not the case for users logged in via a graphical login.
I see. Only wtmp/utmp database comes to my mind. However, I don't
know if this might work and I doubt it is worth it. As I said - I was
just curious.
> > Next, I think that the above is a common misunderstanding - maybe
> > it should be mentioned in sudoers(5) and/or sudo FAQ ?
>> I'm not sure where this misconception comes from but I can add
> something to the documentation to try and clear it up.
Thanks.
>> - todd
Petr
--
Petr Uzel
IRC: ptr_uzl @ freenode
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: </pipermail/sudo-users/attachments/20100722/e071e051/attachment.bin>